SB2018030818 - Fedora EPEL 6 update for tor
Published: March 8, 2018 Updated: April 24, 2025
Security Bulletin ID
SB2018030818
Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) NULL pointer dereference (CVE-ID: CVE-2018-0490)
The vulnerability allows a remote attacker to cause DoS condition on the target system.The weakness exists in the directory-authority protocol-list subprotocol implementation due to NULL pointer dereference. A remote attacker can cause the service to crash via a misformatted relay descriptor that is mishandled during voting.
2) Use-after-free (CVE-ID: CVE-2018-0491)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
Remediation
Install update from vendor's website.